Votre question

Des fenetres IE :S

Tags :
  • Internet Explorer
  • Sécurité
Dernière réponse : dans Sécurité et virus
15 Février 2007 23:08:54

Salut a tous

voici mon probleme dès que je vais sur internet (j'ai IE) j'ai des sites qui apparaissent comme ca de nul part... et j'ai remarqué sur des forum qu'il y avait d'autre internaute qui étaient dans mon cas.... donc j'ai fais un scan HIJACKTHIS

Logfile of HijackThis v1.99.1
Scan saved at 23:01:49, on 15/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Teamspeak2_RC2\TeamSpeak.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Seb\Mes documents\Mes Utilitaires\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.2.100.c...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_1...
O18 - Protocol: bw+0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

voila merci de m aider rapidement

Autres pages sur : fenetres

15 Février 2007 23:16:53

bonsoir,
probablement vundo:
~Télécharge VundoFix.exe (par Atribune) sur ton Bureau.
http://www.atribune.org/ccount/click.php?id=4
Double-clique VundoFix.exe afin de le lancer
Clique sur le bouton Scan for Vundo.
~Lorsque le scan est complété, clique sur le bouton Remove Vundo
Une invite te demandera si tu veux supprimer les fichiers, clique YES
Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers
Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK.
~Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis dans ta prochaine réponse
Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo

18 Février 2007 15:53:32

Bonjour

Celui qui a poster ce problème c'est un pot a moi (KRIS), il l'a fait a ma place car j'arrivai pas à ouvrir le site (il faut que j'enleve le s de infos pour pouvoir y accéder :s)

donc voila l'analyse de VundoFix:


VundoFix V6.3.6

Checking Java version...

Scan started at 20:59:32 17/02/2007

Listing files found while scanning....

C:\WINDOWS\system32\ckanqlns.dll
C:\WINDOWS\system32\gebcy.dll
C:\WINDOWS\system32\gnwyxgrp.exe
C:\WINDOWS\system32\gsvlccog.dll
C:\WINDOWS\system32\jkkkijg.dll
C:\WINDOWS\system32\njgrdjni.exe
C:\WINDOWS\system32\ofijxxbs.dll
C:\WINDOWS\system32\olnlknjt.exe
C:\WINDOWS\system32\qqwjpaaq.exe
C:\WINDOWS\system32\rlivprjl.exe
C:\WINDOWS\system32\rqrppqn.dll
C:\WINDOWS\system32\scdtvebp.dll
C:\WINDOWS\system32\svfhsikk.exe
C:\WINDOWS\system32\ttablsef.dll
C:\WINDOWS\system32\vsuadigl.dll
C:\WINDOWS\system32\ycbeg.bak1
C:\WINDOWS\system32\ycbeg.bak2
C:\WINDOWS\system32\ycbeg.ini

Beginning removal...

Attempting to delete C:\WINDOWS\system32\ckanqlns.dll
C:\WINDOWS\system32\ckanqlns.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\gebcy.dll
C:\WINDOWS\system32\gebcy.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\gnwyxgrp.exe
C:\WINDOWS\system32\gnwyxgrp.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\gsvlccog.dll
C:\WINDOWS\system32\gsvlccog.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkkkijg.dll
C:\WINDOWS\system32\jkkkijg.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\njgrdjni.exe
C:\WINDOWS\system32\njgrdjni.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\ofijxxbs.dll
C:\WINDOWS\system32\ofijxxbs.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\olnlknjt.exe
C:\WINDOWS\system32\olnlknjt.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\qqwjpaaq.exe
C:\WINDOWS\system32\qqwjpaaq.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\rlivprjl.exe
C:\WINDOWS\system32\rlivprjl.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\rqrppqn.dll
C:\WINDOWS\system32\rqrppqn.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\scdtvebp.dll
C:\WINDOWS\system32\scdtvebp.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\svfhsikk.exe
C:\WINDOWS\system32\svfhsikk.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\ttablsef.dll
C:\WINDOWS\system32\ttablsef.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vsuadigl.dll
C:\WINDOWS\system32\vsuadigl.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ycbeg.bak1
C:\WINDOWS\system32\ycbeg.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\ycbeg.bak2
C:\WINDOWS\system32\ycbeg.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\ycbeg.ini
C:\WINDOWS\system32\ycbeg.ini Has been deleted!

Performing Repairs to the registry.
Done!
Contenus similaires
18 Février 2007 15:54:14

et voici un nouvelle analyse de Hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 23:01:49, on 15/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Teamspeak2_RC2\TeamSpeak.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Seb\Mes documents\Mes Utilitaires\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.2.100.c...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_1...
O18 - Protocol: bw+0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

18 Février 2007 23:11:51

~Lance VundoFix.exe
NE clique PAS sur le bouton Scan for Vundo
Clique Droit dans la fenêtre blanche, choisis Add more files ?
Rajoute dans la première ligne :

C:\WINDOWS\system32\rqrppqn.dll

Clique successivement sur:
- Add Files
- Close Windows
- Remove Vundo
Si l'outil te demande de redémarrer, accepte.
Copie/Colle ensuite le rapport C:\vundofix.txt
19 Février 2007 15:53:36

voici le rapport Vundofix:


VundoFix V6.3.6

Checking Java version...

Scan started at 20:59:32 17/02/2007

Listing files found while scanning....

C:\WINDOWS\system32\ckanqlns.dll
C:\WINDOWS\system32\gebcy.dll
C:\WINDOWS\system32\gnwyxgrp.exe
C:\WINDOWS\system32\gsvlccog.dll
C:\WINDOWS\system32\jkkkijg.dll
C:\WINDOWS\system32\njgrdjni.exe
C:\WINDOWS\system32\ofijxxbs.dll
C:\WINDOWS\system32\olnlknjt.exe
C:\WINDOWS\system32\qqwjpaaq.exe
C:\WINDOWS\system32\rlivprjl.exe
C:\WINDOWS\system32\rqrppqn.dll
C:\WINDOWS\system32\scdtvebp.dll
C:\WINDOWS\system32\svfhsikk.exe
C:\WINDOWS\system32\ttablsef.dll
C:\WINDOWS\system32\vsuadigl.dll
C:\WINDOWS\system32\ycbeg.bak1
C:\WINDOWS\system32\ycbeg.bak2
C:\WINDOWS\system32\ycbeg.ini

Beginning removal...

Attempting to delete C:\WINDOWS\system32\ckanqlns.dll
C:\WINDOWS\system32\ckanqlns.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\gebcy.dll
C:\WINDOWS\system32\gebcy.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\gnwyxgrp.exe
C:\WINDOWS\system32\gnwyxgrp.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\gsvlccog.dll
C:\WINDOWS\system32\gsvlccog.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkkkijg.dll
C:\WINDOWS\system32\jkkkijg.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\njgrdjni.exe
C:\WINDOWS\system32\njgrdjni.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\ofijxxbs.dll
C:\WINDOWS\system32\ofijxxbs.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\olnlknjt.exe
C:\WINDOWS\system32\olnlknjt.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\qqwjpaaq.exe
C:\WINDOWS\system32\qqwjpaaq.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\rlivprjl.exe
C:\WINDOWS\system32\rlivprjl.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\rqrppqn.dll
C:\WINDOWS\system32\rqrppqn.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\scdtvebp.dll
C:\WINDOWS\system32\scdtvebp.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\svfhsikk.exe
C:\WINDOWS\system32\svfhsikk.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\ttablsef.dll
C:\WINDOWS\system32\ttablsef.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vsuadigl.dll
C:\WINDOWS\system32\vsuadigl.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ycbeg.bak1
C:\WINDOWS\system32\ycbeg.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\ycbeg.bak2
C:\WINDOWS\system32\ycbeg.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\ycbeg.ini
C:\WINDOWS\system32\ycbeg.ini Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\WINDOWS\system32\rqrppqn.dll
C:\WINDOWS\system32\rqrppqn.dll Has been deleted!

Performing Repairs to the registry.
Done!
19 Février 2007 16:02:14

j'ai l'impression que c'est le meme scan que je t'ai passé et pourtant je suis bien allé dans C:\vundofix.txt .
Regarde bien tu verras il y a la meme date de scan.

En tout cas j'ai essayer en le supprimant et apre en faisant ton etape et maintenant j'ai ca comme scan:


Beginning removal...

Performing Repairs to the registry.
Done!
19 Février 2007 21:17:27

bonsoir
Citation :
Attempting to delete C:\WINDOWS\system32\rqrppqn.dll
C:\WINDOWS\system32\rqrppqn.dll Has been deleted!

celle là avait resisté...
poste un nouveau log hijackthis stp pour terminer le travail... ;) 
20 Février 2007 22:43:23

Logfile of HijackThis v1.99.1
Scan saved at 22:43:12, on 20/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SNDVOL32.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Seb\Mes documents\Mes Utilitaires\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.2.100.c...
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O18 - Protocol: bw+0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

20 Février 2007 22:55:32

Bonsoir
~Télécharge AVG anti-spyware.
http://www.ewido.net/en/download/
~Mets le à jour.
Redémarre en mode sans échec. (f8 au démarrage)
http://www.malekal.com/modesansechec.php
~Dans l’onglet analyse, dans Paramètre, clique sur Actions recommandées : choisis Quarantaine.

~Clique sur Analyse puis Analyse complète du système pour commencer le scan.

~Une fois que le scan est terminé, clique sur Appliquer toutes les actions, pour supprimer tous les fichiers infectés trouvés par AVG Anti-Spyware.

~Une fois que la suppression des fichiers infectés a été faite, clique sur enregistrer le rapport et sauvegarde-le sur le bureau.
~Redémarre normalement
~Copie/Colle le rapport ici.
TutoAVG antispyware : (merci à Malekal) .
http://www.malekal.com/tutorial_AVG_AntiSpyware.html

23 Février 2007 07:11:06

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 07:05:08 23/02/2007

+ Résultat de l'analyse:



C:\buqp.exe -> Adware.Fakealert : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{2C6C2A75-7B99-4F2B-ADA2-CCC15FAEE703}\RP118\A0047506.dll -> Adware.Virtumonde : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{2C6C2A75-7B99-4F2B-ADA2-CCC15FAEE703}\RP119\A0047600.dll -> Adware.Virtumonde : Nettoyé et sauvegardé (mise en quarantaine).
C:\VundoFix Backups\jkkkijg.dll.bad -> Adware.Virtumonde : Nettoyé et sauvegardé (mise en quarantaine).
C:\VundoFix Backups\rqrppqn.dll.bad -> Adware.Virtumonde : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\system32\autosys.exe -> Downloader.Obfuscated.bh : Nettoyé et sauvegardé (mise en quarantaine).
C:\cmttn.exe -> Downloader.Obfuscated.bh : Nettoyé et sauvegardé (mise en quarantaine).
D:\System Volume Information\_restore{2C6C2A75-7B99-4F2B-ADA2-CCC15FAEE703}\RP119\A0047625.exe -> Dropper.Delf.gi : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{2C6C2A75-7B99-4F2B-ADA2-CCC15FAEE703}\RP120\A0047727.exe -> Hijacker.Agent.is : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{2C6C2A75-7B99-4F2B-ADA2-CCC15FAEE703}\RP119\A0047635.exe -> Logger.Agent : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{2C6C2A75-7B99-4F2B-ADA2-CCC15FAEE703}\RP119\A0047636.exe -> Logger.Agent : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\59693OBH\oymqaxyue[1].htm -> Logger.Goldun.on : Nettoyé et sauvegardé (mise en quarantaine).
D:\document\telechargement\sexy\DivX\PornMovieGrabberCrack.rar/PMG.exe -> Not-A-Virus.PornDownloader.Win32.Delf.c : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WinOpts -> Proxy.Small : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\Seb\Local Settings\Temp\Cookies\seb@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\Seb\Local Settings\Temp\Cookies\seb@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Seb\Local Settings\Temp\Cookies\seb@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.56:D :\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\6xreb9b4.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Seb\Cookies\seb@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Nettoyé.
C:\Documents and Settings\Seb\Local Settings\Temp\Cookies\seb@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.7:D :\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\6xreb9b4.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Seb\Cookies\seb@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.48:D :\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\6xreb9b4.default\cookies.txt -> TrackingCookie.Goldenpalace : Nettoyé.
C:\Documents and Settings\Seb\Local Settings\Temp\Cookies\seb@stat.onestat[2].txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.57:D :\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\6xreb9b4.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.58:D :\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\6xreb9b4.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.59:D :\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\6xreb9b4.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.60:D :\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\6xreb9b4.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.61:D :\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\6xreb9b4.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
C:\Documents and Settings\Seb\Local Settings\Temp\Cookies\seb@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Seb\Local Settings\Temp\Cookies\seb@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.36:D :\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\6xreb9b4.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.37:D :\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\6xreb9b4.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.38:D :\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\6xreb9b4.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Seb\Local Settings\Temp\Cookies\seb@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.41:D :\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\6xreb9b4.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.42:D :\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\6xreb9b4.default\cookies.txt -> TrackingCookie.Trafficmp : Nettoyé.
:mozilla.43:D :\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\6xreb9b4.default\cookies.txt -> TrackingCookie.Trafficmp : Nettoyé.
C:\Documents and Settings\Seb\Local Settings\Temp\Cookies\seb@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.34:D :\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\6xreb9b4.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyé.
:mozilla.35:D :\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\6xreb9b4.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyé.
C:\Documents and Settings\Seb\Local Settings\Temp\Cookies\seb@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.15:D :\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\6xreb9b4.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.16:D :\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\6xreb9b4.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.17:D :\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\6xreb9b4.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.19:D :\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\6xreb9b4.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.20:D :\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\6xreb9b4.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.21:D :\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\6xreb9b4.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Program Files\wunauclt.exe -> Worm.Padonak.a : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\system32\wunauclt.exe -> Worm.Padonak.a : Nettoyé et sauvegardé (mise en quarantaine).


Fin du rapport

23 Février 2007 12:17:37

bonjour,
encore 2,3 choses...

1
~Tu procèdes au nettoyage de la base de registre en suivant cette procédure :
(Merci à Angélique pour cette procédure^^)
Nettoyer le système avec Jv16 powertools, Easycleaner et ATF-cleaner
Etape 1
Télécharge les logiciels suivants

-AtfCleaner
http://www.atribune.org/public-beta/ATF-Cleaner.exe

-Easycleaner

http://telechargement.zebulon.fr/147-easycleaner.html

-Jv16Powertools
http://telechargement.zebulon.fr/201-jv16-powertools.ht...


- Lire et s'imprègner du tuto "nettoyer le registre", car vous ne pourrez pas y accéder en mode sans échec
http://www.zebulon.fr/articles/base-de-registre-3.php#n...


Redémarre en mode sans échec. (f8 au démarrage)
http://www.malekal.com/modesansechec.php


Easycleaner

Lancer Easycleaner "inutiles" et "registre". Ne toucher en aucun cas à la fonctions doublons
Supprimer tout ce que te propose Easycleaner
Vider la corbeille

Jv16 powertools

Nettoyer le registre selon ce tuto
http://www.zebulon.fr/articles/base-de-registre-3.php#n...


ATF Cleaner

Double-cliquer sur ATF-Cleaner.exe afin de lancer le programme.
- Si vous utilisez IE
Sous l'onglet Main, choisir : Select All
Cliquer sur le bouton Empty Selected
- Si vous utilisez le navigateur Firefox :
Cliquer Firefox au haut et choisir : Select All
Cliquer le bouton Empty Selected
Note : Si vous voulez conserver les mots de passe sauvegardés, cliquer "No" à l'invite.
- Si vous utilisez le navigateur Opera :
Cliquer Opera au haut et choisir : Select All
Cliquer le bouton Empty Selected
Note : Si vous voulez conserver les mots de passe sauvegardés, cliquer "No" à l'invite.
Cliquer Exit, du menu principal, afin de fermer le programme

Etape 2

~Tu redémarres en mode normal

~ Télécharge Clean de Malekal
http://www.malekal.com/download/clean.zip

Enregistre-le sur ton bureau et dézippe-le
Cela va créer un dossier clean.
Double-clic sur ce dossier clean, tu y trouveras dedans plusieurs fichiers.
Double-clic sur clean.cmd.
Un menu va apparaître, choisis l'option 1 en appuyant sur la touche 1 de ton clavier.
Clean va travailler.
Poste le contenu du rapport généré.


27 Février 2007 17:13:38

Rapport clean par Malekal_morte - http://www.malekal.com
Option 1, executee le 27/02/2007 a 17:12:13,14

*** Recherche de fichiers sur C:
C:\secure32.html FOUND

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\SpoonUninstall.exe FOUND
C:\WINDOWS\system32\rpcc.dll FOUND

"C:\Program Files\user32.exe" FOUND
"C:\Program Files\widupdate.exe" FOUND
*** Fin du rapport !
27 Février 2007 18:04:22

bonjour !
~Redémarre l'ordinateur en mode sans échec (F8 au démarrage de l'ordinateur)
http://www.malekal.com/modesansechec.php

Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 2 puis patiente.

~Redémarre normalement
Poste le rapport clean qui se trouve en C:\rapport_clean.txt


27 Février 2007 20:06:40

Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Option 2, executee le 27/02/2007 a 19:40:04,14

Microsoft Windows XP [version 5.1.2600]

*** Suppression de fichiers sur C:
tentative de suppression de C:\secure32.html

*** Suppression des fichiers dans C:\WINDOWS\

*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de C:\WINDOWS\system32\SpoonUninstall.exe
tentative de suppression de C:\WINDOWS\system32\rpcc.dll
Impossible de supprimer C:\WINDOWS\system32\rpcc.dll

tentative de suppression de "C:\Program Files\user32.exe"
tentative de suppression de "C:\Program Files\widupdate.exe"

*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
27 Février 2007 20:37:11

Bonsoir,

Si c'est ca ta solution ben pour l'instant ca ne la pas trop aranger car j'ai encore des sites qui sortent de je ne sais ou.
Par exemple celui ci j'ai noté l'adresse:
http://c5.zedo.com/jsc/c5/ff2.html?n=377;c=98;s=36;d=22;w=800;h=600
http://www.3bsoftwarepromo.com/rr/c_fr/20061206STINARRF...
http://amaena.com/securityworm5/fr/?aid=nm_ik_wavpt_kw_...
http://www.movietickets.com/?CMP=OTC-gen0207innov
http://www.muiegaozsicur.com/exeva.asp?id=46795&0227153...
http://www.winantiviruspro.com/pages/newcontent/?aid=nm...


donc voila :s

ps: petit à petit je mettrai les sites qui apparaissent quand je vais sur internet.
27 Février 2007 23:28:52

re,
Citation :
Si c'est ca ta solution ben pour l'instant ca ne la pas trop aranger car j'ai encore des sites qui sortent de je ne sais ou.

je te demande d'être un peu plus respectueux stp. IDN n'est pas une hotline ou tu payes pour avoir un service.

continuons maintenant....

1
~Télécharge. F-Secure Blacklight
https://europe.f-secure.com/exclude/blacklight/blbeta.e...


- Lance F-Secure Blacklight (fichier blbeta.exe)
- Accepte la licence, et clique enfin sur "Scan" puis Next et Exit.
- Un rapport fsbl-bxxxx.log (xx sont des chiffres) va être créé dans le même dossier que blbeta.exe
- Ouvre fsbl-bxxxx.log , fais un copier/coller dans ton prochain message.

Attention ! .
Il ne faut pas choisir l'option "Rename". de suite : nous devons analyser le rapport, car des fichiers légitimes peuvent être présents, tel wbemtest.exe .
Tuto de F-Secure BlackLight : (merci à Malekal) .
http://www.malekal.com/tutorial_f-secure_BlackLight.htm...

2
poste un nouveau hijackthis
28 Février 2007 00:30:45

02/28/07 00:27:16 [Info]: BlackLight Engine 1.0.55 initialized
02/28/07 00:27:16 [Info]: OS: 5.1 build 2600 (Service Pack 2)
02/28/07 00:27:16 [Note]: 7019 4
02/28/07 00:27:16 [Note]: 7005 0
02/28/07 00:27:29 [Note]: 7006 0
02/28/07 00:27:29 [Note]: 7011 3792
02/28/07 00:27:30 [Note]: 7026 0
02/28/07 00:27:30 [Note]: 7026 0
02/28/07 00:27:34 [Note]: FSRAW library version 1.7.1021
02/28/07 00:29:40 [Note]: 7007 0
28 Février 2007 00:31:35

Citation :
2
poste un nouveau hijackthis
28 Février 2007 00:31:38

Logfile of HijackThis v1.99.1
Scan saved at 00:31:24, on 28/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe
C:\Program Files\ETWC v1.1\etwc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Seb\Mes documents\Mes Utilitaires\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\IGN\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.2.100.c...
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O18 - Protocol: bw+0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

28 Février 2007 00:33:28

pendant que je lis celui là, fais cela stp:
~Fais un clic droit sur Hijackthis.exe et renomme-le en scanner.exe., puis
~Lance scanner.exe "do a system scan & save log file",et fais un copier coller du rapport généré dans ton prochain post.

28 Février 2007 00:35:16

scanner.exe ou scanner.exe.
28 Février 2007 00:38:22

on s'en fiche, tu peux même l'appeler ceiber ou médor si tu veux, c'est juste pour leurrer vundo. si ça marche tu vas voir que des lignes 2 et des 20 vont apparaître dans le log.

tu joues à wolfenstein?
28 Février 2007 00:38:31

Logfile of HijackThis v1.99.1
Scan saved at 00:38:17, on 28/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe
C:\Program Files\ETWC v1.1\etwc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Seb\Mes documents\Mes Utilitaires\HijackThis\scanner.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {245CCE71-072C-46C3-B300-D1CC8871D8D9} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {869A3904-92AE-4386-9B0D-0C8FD08A37CA} - C:\WINDOWS\system32\ddcca.dll
O2 - BHO: (no name) - {C0982322-2A6C-4022-92F1-C7CB9F86DCC8} - (no file)
O2 - BHO: (no name) - {E03C740E-BB24-4d3c-B92A-6F84DE1DD99C} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\IGN\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.2.100.c...
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O18 - Protocol: bw+0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: ddcca - C:\WINDOWS\system32\ddcca.dll
O20 - Winlogon Notify: rpcc - C:\WINDOWS\system32\rpcc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

28 Février 2007 00:39:59

bingo :D 

donc tu repasse un coup de vundofix:

~Télécharge VundoFix.exe (par Atribune) sur ton Bureau.
http://www.atribune.org/ccount/click.php?id=4
Double-clique VundoFix.exe afin de le lancer
Clique sur le bouton Scan for Vundo.
~Lorsque le scan est complété, clique sur le bouton Remove Vundo
Une invite te demandera si tu veux supprimer les fichiers, clique YES
Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers
Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK.
~Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis dans ta prochaine réponse
Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo

28 Février 2007 00:41:00

non je jou a COD , Lineage, NFS carbon, BF2, Anno 1701 et Rainbow Six Vegas
28 Février 2007 00:45:13

ok,
tu passes vundofix?
28 Février 2007 00:52:52

oui attend je te met le scan
28 Février 2007 00:53:36


Beginning removal...

Performing Repairs to the registry.
Done!

VundoFix V6.3.7

Checking Java version...

Scan started at 00:42:48 28/02/2007

Listing files found while scanning....

C:\WINDOWS\system32\accdd.bak1
C:\WINDOWS\system32\accdd.bak2
C:\WINDOWS\system32\accdd.ini
C:\WINDOWS\system32\aqilkygo.exe
C:\WINDOWS\system32\ddcca.dll
C:\WINDOWS\system32\ghrenqic.dll
C:\WINDOWS\system32\iexttqdw.exe
C:\WINDOWS\system32\mphbranq.dll
C:\WINDOWS\system32\ngtgonsb.dll
C:\WINDOWS\system32\nhcspkpt.exe
C:\WINDOWS\system32\ntxutgmj.exe
C:\WINDOWS\system32\oojnnmnf.exe
C:\WINDOWS\system32\oqydattn.dll
C:\WINDOWS\system32\pgrjstij.exe
C:\WINDOWS\system32\pmfvxsjp.dll
C:\WINDOWS\system32\qnkashta.exe
C:\WINDOWS\system32\rdtnfgah.dll
C:\WINDOWS\system32\rrqpvipj.dll
C:\WINDOWS\system32\unmghqoq.exe
C:\WINDOWS\system32\uvuneosu.dll
C:\WINDOWS\system32\vcramvra.dll
C:\WINDOWS\system32\vfoibdbw.dll
C:\WINDOWS\system32\vgxafxxp.exe
C:\WINDOWS\system32\vsfehadr.dll
C:\WINDOWS\system32\yqbsphgc.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\accdd.bak1
C:\WINDOWS\system32\accdd.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\accdd.bak2
C:\WINDOWS\system32\accdd.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\accdd.ini
C:\WINDOWS\system32\accdd.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\aqilkygo.exe
C:\WINDOWS\system32\aqilkygo.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\ddcca.dll
C:\WINDOWS\system32\ddcca.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ghrenqic.dll
C:\WINDOWS\system32\ghrenqic.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\iexttqdw.exe
C:\WINDOWS\system32\iexttqdw.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\mphbranq.dll
C:\WINDOWS\system32\mphbranq.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ngtgonsb.dll
C:\WINDOWS\system32\ngtgonsb.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\nhcspkpt.exe
C:\WINDOWS\system32\nhcspkpt.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\ntxutgmj.exe
C:\WINDOWS\system32\ntxutgmj.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\oojnnmnf.exe
C:\WINDOWS\system32\oojnnmnf.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\oqydattn.dll
C:\WINDOWS\system32\oqydattn.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\pgrjstij.exe
C:\WINDOWS\system32\pgrjstij.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\pmfvxsjp.dll
C:\WINDOWS\system32\pmfvxsjp.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\qnkashta.exe
C:\WINDOWS\system32\qnkashta.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\rdtnfgah.dll
C:\WINDOWS\system32\rdtnfgah.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\rrqpvipj.dll
C:\WINDOWS\system32\rrqpvipj.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\unmghqoq.exe
C:\WINDOWS\system32\unmghqoq.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\uvuneosu.dll
C:\WINDOWS\system32\uvuneosu.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vcramvra.dll
C:\WINDOWS\system32\vcramvra.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vfoibdbw.dll
C:\WINDOWS\system32\vfoibdbw.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vgxafxxp.exe
C:\WINDOWS\system32\vgxafxxp.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\vsfehadr.dll
C:\WINDOWS\system32\vsfehadr.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\yqbsphgc.dll
C:\WINDOWS\system32\yqbsphgc.dll Has been deleted!

Performing Repairs to the registry.
Done!
28 Février 2007 00:54:37

Logfile of HijackThis v1.99.1
Scan saved at 00:54:26, on 28/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Seb\Mes documents\Mes Utilitaires\HijackThis\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {245CCE71-072C-46C3-B300-D1CC8871D8D9} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {869A3904-92AE-4386-9B0D-0C8FD08A37CA} - C:\WINDOWS\system32\ddcca.dll (file missing)
O2 - BHO: (no name) - {C0982322-2A6C-4022-92F1-C7CB9F86DCC8} - (no file)
O2 - BHO: (no name) - {E03C740E-BB24-4d3c-B92A-6F84DE1DD99C} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\IGN\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.2.100.c...
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O18 - Protocol: bw+0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: rpcc - C:\WINDOWS\system32\rpcc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

28 Février 2007 01:07:58

ok,
1
relance hijackthis et fixchecked ces lignes:
O2 - BHO: (no name) - {245CCE71-072C-46C3-B300-D1CC8871D8D9} - (no file)
O2 - BHO: (no name) - {869A3904-92AE-4386-9B0D-0C8FD08A37CA} - C:\WINDOWS\system32\ddcca.dll (file missing)
O2 - BHO: (no name) - {C0982322-2A6C-4022-92F1-C7CB9F86DCC8} - (no file)
O2 - BHO: (no name) - {E03C740E-BB24-4d3c-B92A-6F84DE1DD99C} - (no file)
O20 - Winlogon Notify: rpcc - C:\WINDOWS\system32\rpcc.dll

2en mode sans echec
supprime le fichier en gras:
C:\WINDOWS\system32\rpcc.dll

Note :
Citation :
Pour afficher les dossiers et fichiers cachés du système :
Panneau de configuration/Options des dossiers/onglet Affichage/cocher Afficher les fichiers et dossiers cachés, décocher Masquer les extensions de fichiers connus, décocher Masquer les fichiers protégés du Système.

Les fichiers et dossiers cachés du système apparaissent alors dans l'explorateur Windows en transparence.



3
je voudrais vérifier un fichier (lié semble-t-il à wolfeinstein mais j'ai un doute)

Analyse ce fichier :
C:\Program Files\ETWC v1.1\etwc.exe

Sur le site de virustotal
http://www.virustotal.com/en/virustotalx.html
Clique ensuite sur Send
poste-nous le rapport.

C:\Program Files\ETWC v1.1\etwc.exe
28 Février 2007 01:26:51

Pour la 2eme etape je n'arrive pas a supprimer C:\WINDOWS\system32\rpcc.dll

J'ai un message d'erreur :

Impossible de supprimer rpcc: Cette ressource est utilisée par une autre personne ou un autre programme

Fermez les programmes susceptibles d'utiliser le fichier et essayez à nouveau.

Qu'est ce que je fais? Je continue quand meme ?
28 Février 2007 01:28:36

Est ce que je peux le supprimer en mode normal ?
28 Février 2007 01:34:19

C:\Program Files\ETWC v1.1\etwc.exe

c'est un logiciel qui me permet de reduire n'importe quelles applications sur mon bureau...Je m'en sert le plus souvent pour des jeux.

J'ai quand meme voulu faire le scan avec http://www.virustotal.com/en/virustotalx.html Mais au moment ou je fais Send la page ne s'ouvre pas :s

voili
28 Février 2007 11:38:01

bonjour,on va utiliser un outil:
~Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
~Double-clique sur OTMoveIt.exe afin de le lancer.
~Sélectionne TOUS les emplacements suivants :

C:\WINDOWS\system32\rpcc.dll

---> Clique-droit puis Copier

Retourne sur OTMoveIt, fais un Clique-droit sur le cadre de gauche puis choisis Coller.
~Clique maintenant sur [#ff0000]MoveIt![/#f]

!! Si un fichier ou dossier ne peut être supprimé immédiatement, le logiciel te demandera de redémarrer. Accepte en cliquant sur YES

~Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport est la date de sa création.


pour le scan chez virus total, il n'y avait rien d'infectieux dans le log? si tu n'as pas de doute, c'est ok pour moi.
28 Février 2007 14:19:22

Je n'arrive pas à ouvrir ton lien pour télécharger OTMoveIt et meme en cherchant sur le net j'ai rien trouver.
28 Février 2007 14:28:27

je viens de le faire ça marche ;) 
il est peut-être surchargé, rééssaye
28 Février 2007 14:33:45

Internet Explorer ne peut pas afficher cette page Web
28 Février 2007 14:35:23

clic droit/enregistrer la cible du lien...
28 Février 2007 14:43:28

Impossible d'etablir une connexion au serveur .
28 Février 2007 14:48:31

bon je reviens ce soir ok !
28 Février 2007 22:43:02

re,
le téléchargement marche toujours chez moi ce soir (sous firefox) ;) 
1 Mars 2007 14:33:00

Avec firefox j'arrive meme pas a lancer infos-du-net :s
1 Mars 2007 14:33:35

La connexion a échoué













Firefox ne peut établir de connexion avec le serveur à l'adresse www.infos-du-net.com.








* Le site est peut-être temporairement indisponible ou surchargé. Réessayez plus
tard ;

* Si vous n'arrivez à naviguer sur aucun site, vérifiez la connexion
au réseau de votre ordinateur ;

* Si votre ordinateur ou votre réseau est protégé par un pare-feu ou un proxy,
assurez-vous que Firefox a l'autorisation d'accéder au Web.
1 Mars 2007 14:37:47

si je te donne mon adresse tu peux me l'envoyer c'est plus simple














Firefox ne peut établir de connexion avec le serveur à l'adresse www.infos-du-net.com.








* Le site est peut-être temporairement indisponible ou surchargé. Réessayez plus
tard ;

* Si vous n'arrivez à naviguer sur aucun site, vérifiez la connexion
au réseau de votre ordinateur ;

* Si votre ordinateur ou votre réseau est protégé par un pare-feu ou un proxy,
assurez-vous que Firefox a l'autorisation d'accéder au Web.
1 Mars 2007 14:55:28

bonjour,
enlève ton adresse msn (pas prudent)
on tente avec un autre programme:
1
~ Télécharge Killbox et installe-le sur ton bureau.
http://www.downloads.subratam.org/KillBox.zip
~Copie le texte ci-dessous (sélectionne-le en entier avec ta souris, puis fais un clic-droit dessus et choisis "Copier") :

Citation :
C:\WINDOWS\system32\rpcc.dll


~Ouvre Killbox:
~Clique sur le menu "File" de KillBox (en haut à gauche) et choisis l'option « Paste from clipboard ».
~Sous "Full Path Of File To Delete" les fichiers viennent de s'inscrire: il faut t'en assurer en cliquant sur la petite flèche à droite!
~Coche les cases : "Delete on Reboot" & "Unregister Dll Before Deleting" .
~Une fois le bouton radio "Delete on Reboot" coché, la case "Single File" va clignoter: clique sur la case "All Files".
~Clique sur la croix blanche sur fond rouge , au message suivant qui va s'afficher:
Citation:

« File will be Removed on Reboot, Do you want to reboot now ? » : répondre YES Le PC va redémarrer et supprimer le fichier de la liste. Sinon redémarre manuellement.

~Une fois que tu auras redémarré, relance Killbox. Clique sur Menu "File" /"Logs" /"Actions History Log". Poste-nous ce rapport.

Tuto Killbox
http://perso.orange.fr/jesses/Docs/Logiciels/KillBox.ht...

NOTE: Si tu reçois le message "PendingFileRenameOperations Registry Data has been removed by external process!" et que l'ordinateur ne redémarre pas, redémarre le manuellement :clique sur Démarrer / arrêter / redémarrer l'ordinateur.

2
repasse un coup de vundofix
3 Mars 2007 15:51:12

Pocket Killbox version 2.0.0.648
Running on Windows XP as Seb(Administrator)
was started @ samedi, mars 03, 2007, 3:43 PM

# 1 [Delete on Reboot]
Path = C:\WINDOWS\system32\rpcc.dll


I Rebooted @ 3:46:15 PM
Killbox Closed(Exit) @ 3:46:23 PM
__________________________________________________

Pocket Killbox version 2.0.0.648
Running on Windows XP as Seb(Administrator)
was started @ samedi, mars 03, 2007, 3:49 PM
3 Mars 2007 16:07:55


Beginning removal...

Performing Repairs to the registry.
Done!

VundoFix V6.3.7

Checking Java version...

Scan started at 00:42:48 28/02/2007

Listing files found while scanning....

C:\WINDOWS\system32\accdd.bak1
C:\WINDOWS\system32\accdd.bak2
C:\WINDOWS\system32\accdd.ini
C:\WINDOWS\system32\aqilkygo.exe
C:\WINDOWS\system32\ddcca.dll
C:\WINDOWS\system32\ghrenqic.dll
C:\WINDOWS\system32\iexttqdw.exe
C:\WINDOWS\system32\mphbranq.dll
C:\WINDOWS\system32\ngtgonsb.dll
C:\WINDOWS\system32\nhcspkpt.exe
C:\WINDOWS\system32\ntxutgmj.exe
C:\WINDOWS\system32\oojnnmnf.exe
C:\WINDOWS\system32\oqydattn.dll
C:\WINDOWS\system32\pgrjstij.exe
C:\WINDOWS\system32\pmfvxsjp.dll
C:\WINDOWS\system32\qnkashta.exe
C:\WINDOWS\system32\rdtnfgah.dll
C:\WINDOWS\system32\rrqpvipj.dll
C:\WINDOWS\system32\unmghqoq.exe
C:\WINDOWS\system32\uvuneosu.dll
C:\WINDOWS\system32\vcramvra.dll
C:\WINDOWS\system32\vfoibdbw.dll
C:\WINDOWS\system32\vgxafxxp.exe
C:\WINDOWS\system32\vsfehadr.dll
C:\WINDOWS\system32\yqbsphgc.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\accdd.bak1
C:\WINDOWS\system32\accdd.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\accdd.bak2
C:\WINDOWS\system32\accdd.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\accdd.ini
C:\WINDOWS\system32\accdd.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\aqilkygo.exe
C:\WINDOWS\system32\aqilkygo.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\ddcca.dll
C:\WINDOWS\system32\ddcca.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ghrenqic.dll
C:\WINDOWS\system32\ghrenqic.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\iexttqdw.exe
C:\WINDOWS\system32\iexttqdw.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\mphbranq.dll
C:\WINDOWS\system32\mphbranq.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ngtgonsb.dll
C:\WINDOWS\system32\ngtgonsb.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\nhcspkpt.exe
C:\WINDOWS\system32\nhcspkpt.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\ntxutgmj.exe
C:\WINDOWS\system32\ntxutgmj.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\oojnnmnf.exe
C:\WINDOWS\system32\oojnnmnf.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\oqydattn.dll
C:\WINDOWS\system32\oqydattn.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\pgrjstij.exe
C:\WINDOWS\system32\pgrjstij.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\pmfvxsjp.dll
C:\WINDOWS\system32\pmfvxsjp.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\qnkashta.exe
C:\WINDOWS\system32\qnkashta.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\rdtnfgah.dll
C:\WINDOWS\system32\rdtnfgah.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\rrqpvipj.dll
C:\WINDOWS\system32\rrqpvipj.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\unmghqoq.exe
C:\WINDOWS\system32\unmghqoq.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\uvuneosu.dll
C:\WINDOWS\system32\uvuneosu.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vcramvra.dll
C:\WINDOWS\system32\vcramvra.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vfoibdbw.dll
C:\WINDOWS\system32\vfoibdbw.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vgxafxxp.exe
C:\WINDOWS\system32\vgxafxxp.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\vsfehadr.dll
C:\WINDOWS\system32\vsfehadr.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\yqbsphgc.dll
C:\WINDOWS\system32\yqbsphgc.dll Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.3.7

Checking Java version...

Scan started at 15:53:43 03/03/2007

Listing files found while scanning....

C:\WINDOWS\system32\gjagpfcu.exe
C:\WINDOWS\system32\xvwpkhuh.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\gjagpfcu.exe
C:\WINDOWS\system32\gjagpfcu.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\xvwpkhuh.dll
C:\WINDOWS\system32\xvwpkhuh.dll Has been deleted!

Performing Repairs to the registry.
Done!

3 Mars 2007 20:47:57

bonsoir
poste un nouveau hijackthis pour fixer/nettoyer ce qui reste
5 Mars 2007 22:59:45

Logfile of HijackThis v1.99.1
Scan saved at 22:57:09, on 05/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\RamBoost XP\rambxpfr.exe
C:\WINDOWS\system32\SNDVOL32.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Seb\Mes documents\Mes Utilitaires\HijackThis\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\IGN\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.2.100.c...
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O18 - Protocol: bw+0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {A79ADC9D-0134-4DB3-8E94-DAD9AD2DEE02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: rpcc - C:\WINDOWS\system32\rpcc.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

      • 1 / 2
      • 2
      • Dernier
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS